Basic Malware Lab

  1. Ubuntu Linux Virtual Machine. (If you’re looking to get rolling as fast as possible, try downloading REMnux at https://remnux.org/; REMnux comes with a ton of malware analysis tools.) For this setup I will be using a base Linux setup and we will be setting up INetSim manually (more on INetSim later). I find you’ll have a better idea of how things work if you build things from scratch.
  2. Windows 7 or Windows 10 Virtual Machine.
Network Settings inside Guest VM
$ sudo su
$ echo "deb http://www.inetsim.org/debian/ binary/" > /etc/apt/sources.list.d/inetsim.list
$ wget -O - http://www.inetsim.org/inetsim-archive-signing-key.asc | apt-key add -
$ apt update
$ apt install inetsim
auto enp0s3
iface enp0s3 inet static
address 10.0.0.1
netmask 255.255.255.0
service_bind_address    0.0.0.0
dns_default_ip    10.0.0.1
https_bind_port 8443
$ sudo systemctl disable systemd-resolved.service
$ sudo service systemd-resolved stop
  • Binding tab:
      • Bind to port: 443
      • Bind to address: all interfaces
  • Request handling tab:
      • Redirect to host: localhost
      • Redirect to port: 8443
      • Check the box Support invisible proxying
Yours should look like this.
Windows Machine settings.

Import Burp trusted certificate

**** Before anything, double/triple check — ask a friend or co-worker to review that your network settings are set to your internal MalwareNetwork ****
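One way to script that double-check on the Linux/INetSim VM, as an added example that is not part of the original article: it verifies there is no default route, that every non-loopback address sits in 10.0.0.0/24, and that the three inetsim.conf directives above are set. The function names, the second adapter enp0s8 with its 10.0.2.x addresses, and the config path /etc/inetsim/inetsim.conf are assumptions; the sample inputs are constructed.

```bash
# Added example: pre-flight checks for this lab's Linux VM; inputs are text so it runs offline.

LAB_PREFIX="10.0.0."   # lab network from this page (static address 10.0.0.1/24)

# True when the routing table text (`ip route`) has no default route.
no_default_route() {
    ! printf '%s\n' "$1" | grep -Eq '^(default|0\.0\.0\.0/0)[[:space:]]'
}

# True when every non-loopback IPv4 address (`ip -o -4 addr show`) is in the lab net.
only_lab_addresses() {
    printf '%s\n' "$1" | awk -v p="$LAB_PREFIX" '
        $2 == "lo"   { next }
        $3 == "inet" { n++; if (index($4, p) != 1) bad = 1 }
        END          { exit !(n > 0 && !bad) }'
}

# Print the value of an inetsim.conf directive; commented-out lines are ignored.
conf_value() {
    printf '%s\n' "$1" | awk -v k="$2" '$1 == k { v = $2 } END { print v }'
}

# Run all checks; prints one line per failure and returns non-zero if any failed.
lab_preflight() {   # args: routes text, addresses text, inetsim.conf text
    rc=0
    no_default_route "$1"   || { echo "FAIL: default route present"; rc=1; }
    only_lab_addresses "$2" || { echo "FAIL: address outside ${LAB_PREFIX}0/24"; rc=1; }
    for want in service_bind_address=0.0.0.0 dns_default_ip=10.0.0.1 https_bind_port=8443; do
        [ "$(conf_value "$3" "${want%%=*}")" = "${want#*=}" ] ||
            { echo "FAIL: ${want%%=*} is not ${want#*=}"; rc=1; }
    done
    return "$rc"
}

# Constructed sample inputs (not captured from a real host); enp0s8 is a hypothetical NAT adapter.
GOOD_ROUTES='10.0.0.0/24 dev enp0s3 proto kernel scope link src 10.0.0.1'
NAT_ROUTES='default via 10.0.2.2 dev enp0s8 proto dhcp
10.0.0.0/24 dev enp0s3 proto kernel scope link src 10.0.0.1'
GOOD_ADDRS='1: lo    inet 127.0.0.1/8 scope host lo
2: enp0s3    inet 10.0.0.1/24 brd 10.0.0.255 scope global enp0s3'
NAT_ADDRS="$GOOD_ADDRS
3: enp0s8    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s8"
CONF='#service_bind_address  127.0.0.1
service_bind_address    0.0.0.0
dns_default_ip    10.0.0.1
https_bind_port 8443'

# Demo: a VM that still has a NAT adapter attached fails two checks.
lab_preflight "$NAT_ROUTES" "$NAT_ADDRS" "$CONF" || echo "lab VM is not isolated"
# Live: lab_preflight "$(ip route)" "$(ip -o -4 addr show)" "$(cat /etc/inetsim/inetsim.conf)"
```
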

Network Settings inside Guest VM
